The Directory Services Restore Mode (DSRM) password is set on an individual server when it is promoted to a domain controller.
If you need to perform an authoritative restore of active directory you’ll need the password to be able to login to DSRM. Often it can be forgotten and not documented so you might need to reset it.
1. Open an administrative command prompt.
2. Type ntsdutil
3. Type set dsrm password
4. Type reset password on server null
5. Enter the password, and confirm underneath.
6. Type q and press Enter twice to quit.
At step 4, if you require to change the password on another domain controller, you can type the following; reset password on server servername where the servername is the fully qualified domain name of the server you want to reset the password on.